Closed rsholokh closed 2 weeks ago
~It's odd that you're seemingly getting a non-JSON response despite the HTTP status code indicating success~. Based on the provided stacktrace you are getting an error response from Snyk that does not provide a JSON body (which based on their API contract it should). Are there any proxies involved in your setup that could cause this?
Separately, I reckon there are multiple different products and plans offered by Snyk, and not all of them grant access to their REST API. Are you able to use your token with the "Issues" API here? https://apidocs.snyk.io
I get a 403 Forbidden response without any JSON in it - probably that's why the parsing error occurs. By the way, it would be very useful to add to Detendency-Track's Analyzers settings the ability to check the proper working of any analyzer with user credentials/secrets by pressing one button. Now I can only guess whether any particular analyzer really works or not.
In the API documentation:
ie, Snyk did not respond with a 401 so it understood/accepted your token. It responded with a 403, meaning that you might be on the wrong plan (per @nscuro).
Per plans, the "Team" Plan does not include access to the API, but the "Enterprise" plan does.
You suggest:
check the proper working of any analyzer with user credentials/secrets by pressing one button
Specifically for Snyk, I logged this as #2395 and have just updated that issue.
Could be a permissions issue. I saw the same error when using a Snyk service account with the Org Collaborator role. The errors were resolved after changing to the Org Admin role. I am on an Enterprise account.
Current Behavior
The log is full of errors related to incorrect JSON in
SnykAnalysisTask
Presumably this is the reason why Snyk doesn't work for me, because out of hundreds of detected vulnerabilities, there is not a single one from Snyk
Steps to Reproduce
Expected Behavior
Proper JSON parsing in
SnykAnalysisTask
Dependency-Track Version
4.8.1
Dependency-Track Distribution
Container Image
Database Server
H2
Database Server Version
No response
Browser
N/A
Checklist